Geographic internet asset filtering for internet video client

ABSTRACT

A device is enabled to display Internet TV by accessing a management server with a secret unique ID and receiving back from the server, assuming the ID is approved, a user token and a service list of content servers with knowledge of the user token. A user can select a content server which causes the device to upload its user token and in response receive a content list from the content server, from which content can be selected for display. Neither list may be modified by the device and the device can access only content on a content list. The service list may be tailored for the geographic location of the device.

This application claims priority from U.S. provisional applications nos.61/330,993 and 61/331,092, both filed May 4, 2010.

FIELD OF THE INVENTION The present application relates generally togeographic Internet asset filtering for Internet video clients includingbut not limited to TVs.

BACKGROUND OF THE INVENTION

Internet access through TVs is typically provided by essentiallyprogramming the TV as though it were a computer executing a browser.Such Internet access is thus uncontrolled except as a firewall orfiltering program might block certain sites.

As understood herein, uncontrolled Internet access may not be desirablein the context of a TV. A firewall or filtering program may not alwaysbe installed on the TV and even when one is installed, access remainsmuch more uncontrolled than conventional TV programming traditionallyhas expected. Also, a locally installed filter can be unloaded ordefeated by a user.

Accordingly, uncontrolled Internet access has several drawbacks. From aviewer's standpoint, exposure to inappropriate subject matterparticularly when young viewers are watching is one concern; a muchlower threshold of quality screening is another. That is, while many TVshows might not be widely considered as “quality” shows, nonetheless, aTV program is usually much more selectively screened than, say, anInternet video. The expectations of TV viewers for such higher levelquality screening as a consequence cannot be met by simply providingunfettered Internet access through the TV. Furthermore, TV-relatedentities, from content providers, manufacturers, and carriers, in mostcases derive no benefit from the extension of TV to the Internet. And,much Internet content that is appropriate for some geographic locationsis not appropriate for others, but unlike TV content, cannot be closelymanaged.

SUMMARY OF THE INVENTION

Accordingly, a consumer electronic (CE) device includes a housing, adisplay on the housing, a network interface, and a processor in thehousing controlling the display and communicating with the Internetthrough the network interface. The processor executes logic thatincludes contacting a management server and providing an InternetProtocol (IP) address to the management server. The IP address isassociated with a geographic location associated with the CE device. Theprocessor receives from the management server at least onegeographically-tailored service list which contains only content serveraddresses that have been approved for access in the geographic regionindicated by the IP address of the CE device. The service list ispresented on the display, and responsive to a user selection of an entryon the service list, the processor accesses a content server associatedwith the entry.

If desired, the processor permits the user no access to Internet sitesother than to the management server and content servers on the servicelist.

In another aspect, a management server includes a network interface anda processor communicating with the Internet through the networkinterface. The processor executing logic which include storing pluralgeographic-specific service lists. Each service list contains a list ofnetwork addresses of content servers approved for access by CE devicesin a respective geographic region. Thus, a first address of a firstcontent server for a first geographic location is on a first servicelist but not on a second service list and a second address of a secondcontent server for a second geographic location is on the second servicelist but not the first service list. The processor obtains a geographicindicator from a CE device contacting the management server, correlatesthe indicator to a geographic region, and returns the first service listto the CE device responsive to a determination that the CE device is ina first geographic region. In contrast, the processor returns the secondservice list to the CE device responsive to a determination that the CEdevice is in a second geographic region.

In another aspect, a method includes receiving, from a clientaudio-video presentation device to a management server, anidentification indicating a geographic location of the device. Themethod also includes, responsive to a determination that the device isin a first geographic location, returning, from the management server tothe device, a first list of content servers at which the device mayaccess content. Responsive to a determination that the device is in asecond geographic location, the method includes returning, from themanagement server to the device, a second list of content servers atwhich the device may access content.

The details of the present invention, both as to its structure andoperation, can best be understood in reference to the accompanyingdrawings, in which like reference numerals refer to like parts, and inwhich:

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a block diagram of an example system in accordance withpresent principles;

FIG. 2 is a block diagram of another example system in accordance withpresent principles;

FIG. 3 is a flow chart of example geographic identification logic;

FIG. 4 is a flow chart of example authentication logic according topresent principles; and

FIG. 5 is a flow chart of example authorization logic according topresent principles.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT

Referring initially to FIG. 1, a consumer electronics (CE) device 12(also referred to herein as “player” and “IPTV client”) such as a TV,game player, video disk player, camera, digital clock radio, mobiletelephone, personal digital assistant, laptop computer, etc. includes aportable lightweight plastic housing 14 bearing a digital processor 16.The processor 16 can control a visual display 18 and an audible display20 such as one or more speakers.

To undertake present principles, the processor 16 may access one or morecomputer readable storage media such as but not limited to RAM-basedstorage 22 (e.g., a chip implementing dynamic random access memory(DRAM)) or flash memory 24. Among other things, in example non-limitingembodiments video thumbnails may be stored on the RAM 22 while thebelow-described service list and tokens as well as user interface iconsmay be stored on the flash 24. Software code implementing present logicexecutable by the CE device 12 may also be stored on one of the memoriesshown to undertake present principles.

The processor 16 can receive user input signals from various inputdevices 26, including a remote control device, a point and click devicesuch as a mouse, a keypad, etc. A TV tuner 28 may be provided in someimplementations particularly when the CE device is embodied by a TV toreceive TV signals from a source such as a set-top box, satellitereceiver, cable head end, terrestrial TV signal antenna, etc. Signalsfrom the tuner 28 are sent to the processor 16 for presentation on thedisplay 18 and speakers 20.

As shown in FIG. 1, a network interface 30 such as a wired or wirelessmodem or wireless telephony transceiver communicates with the processor16 to provide connectivity to a management server 32 on the Internet andto one or more content servers 34. The servers 32, 34 have respectiveprocessors. It is to be understood in view of disclosure below that theCE device 12 particularly when implemented by a non-PC device such as aTV or game console or camera can communicate only with the managementserver 32 and with content servers 34 that appear on a service listprovided to the processor 16 by the management server 32, with theservice list not being modifiable by the processor 16.

FIG. 2 shows a CE device 12 a that in all essential respects isidentical to the device 12 shown in FIG. 1, except that a networkinterface 30 a is not located within the device housing 14 a but insteadis supported in a separate Internet link module housing 36 that may bemounted on the device housing 14 a.

Now referring to FIG. 3, at block 37 geographic-specific service listsare generated and provided to the management server 32. As divulgedfurther below, a service list contains a list of network addresses ofapproved content servers 34. The content servers 34 typically areaffiliated with business partners of the entity associated with themanagement server 32. Recognizing that some content and/or contentservers may be appropriate for a first geographic location but not for asecond location, a business partner may provide the address (“A”) of afirst content server for the first geographic location and the address(“B”) of a second content server for the second geographic location. Inthis example hypothetical, a first service list would include theaddress “A” but not “B” and vice-versa for a second service list,thereby tailoring the lists for the first and second geographiclocations, respectively.

At block 38, when the CE device 12 initially contacts the managementserver 32, the server 32 obtains the Internet Protocol (IP) address ofthe CE device 12 or other suitable indicator of the geographic locationof the CE device 12. The IP address of the CE device 12 is correlated toa geographic region at block 40 by, e.g., using a lookup of IP addressesand their corresponding locations. Note that the IP address obtained bythe server 32 may be a proxy of a service provider and thus that thegeographic region of the service provider is obtained at block 40, whichfor present purposes is a sufficiently close approximation of thegeographic location of the CE device 12. Block 42 simply indicates thatthe service list or lists corresponding to the geographic locationdiscovered at block 40 is returned as part of the authentication processin block 48 below.

Indeed and now referring to FIG. 4, at block 44 the CE device 12periodically checks in with the management server 32. Proceeding toblock 46, the management server 32 authenticates itself to the CE device12 so that the CE device 12 knows that it is contacting the correctserver and is not being spoofed. The authentication may be undertakenusing, e.g., SSL certificates. The CE device 12 can then send to theserver 32 a unique CE device ID in a SSL, without requiring keyencryption of the processor 16. The CE device 12 may verify the server32 using the public key of the certificate authority of the servercertificate returned by the server 32.

Block 48 indicates that next in the logic flow, the management server 32downloads to the CE device 12 a user token, also referred to herein asan access token or service token, along with one or more service listseach of which contains a list of network addresses of approved contentservers 34. This may be done again using SSL. As described above, theservice list or lists downloaded at block 48 are geographicallycorrelated to the geographic location of the CE device 12 discovered inFIG. 3. The user token preferably has an expiration period after whichit is no longer accepted by content servers during the authorizationlogic discussed below. The management server 32 provides the user tokenalong with its expiration time to the content servers 34 for purposes tobe shortly disclosed.

The service list is typically presented by the processor 16 in a userinterface (UI) presented on the display 18. The UI may simply presenticons of service providers associated with the various approved contentserves 34 whose network addresses can underlie the UI in the list. TheUI may also present other content as desired such as the names of genresavailable at each content server, etc. In any case, a user of the CEdevice 12 may manipulate the input device 26 to select a member of theservice list at block 50, which causes the processor 16 to upload,though the network interface 30, the user token to the selected contentserver 34 to enter the authorization logic of FIG. 5.

As discussed above, only content servers 34 on the closed andunmodifiable (except by the management server 32) service list(s)downloaded to the CE device 12 by the management server 32 can beselected by the user, as indicated at block 52. As new services(embodied by newly approved content servers 34) become available, theycan be added to the service list(s) and, hence, made available acrossall platforms on the fly.

Recall that user tokens and their expiration times are provided by themanagement server to the content servers 34. Each content server 34 canthen maintain a local database of active user tokens, removing each oneat its respective expiration time. When a content server 34 receives auser token at block 54, it checks it against the local database ofactive tokens and if the user token is in the database, the logic movesto block 56 wherein the content server 34 returns a content list to theCE device 12. Thus, no further authentication is required between the CEdevice 12 and content server 34 beyond the provisioning of an activeuser token by the CE device 12. And, by virtue of the content server 34appearing on the service list provided by the management server 32, theCE device 12 knows that it may trust the content server 34 without needfor any further authentication on the part of the content server 34.

Essentially, a content list is a list of audio-video programs that theentity associated with the content server 34 has elected to makeavailable to platforms in the Internet TV system. Like the service list,the content lists from the content servers 34 cannot be modified by theCE device 12.

Moving to block 58, the user may manipulate the input device 26 toselect a program on the content list, which is then delivered, as bystreaming, from the content server 34 to the CE device 12 forpresentation on the display 18 and speakers 20.

Accordingly, once the CE device 12 is authenticated, the CE device 12 isdelivered a geographically-tailored “service list” from the managementserver, i.e., a service list that contains only content server addressesthat have been approved for access in the geographic region indicated bythe IP address of the CE device 12. The CE device 12 is assumed to notbe open, and preferably no tools are provided to allow modification ofthe list after it is delivered to the CE device 12. The list can besigned by the management server 32 and delivered in a unique session toa CE device 12 so that it is therefore not feasible for an eavesdropperto intercept and change or substitute the list externally. The servicelist is typically delivered in an encrypted channel using secure socketlayer (SSL) or other secure means.

As mentioned above, the service list consists of a list of networkaddresses such as uniform resource locators (URLs) to service (content)providers, i.e., the content servers 34. The CE device 12 uses the URLslisted in the service list to obtain a content list of video or audio toplay. The content list may also be delivered in an encrypted channelusing secure socket layer (SSL) or other secure means, and preferably itis not possible for the client to modify the URLs in the content list.

If desired, the service list URLs and the content list URLs can havetags that identify the type of CE device 12. Alternatively, as part ofthe authentication process, the CE device 12 may be given a ServiceToken by the management server which can identify the device to theservice provider.

It will be appreciated that the mere possession of a particular URL to aservice provider and user token allows access to the content. This is adesirable simplification as the fulfillment URL is that which isdelivered to the CE device 12. The fulfillment URL is delivered in asecure way. In any case, present principles provide a scalable optionfor granting access to content on the Internet. The definition of aright to access is agreed upon by the management systems and the serviceproviders and this is manifested by a fulfillment URL.

Content titles available for viewing by the user can be obtained fromthe selected content server through an appropriate HTML request. Theresponse to this request is a list of asset records, with each recordcontaining fields (metadata) pertaining to a particular content title.Since a common asset list structure is used for the delivery of avariety of different lists, e.g. content asset lists, bookmark lists,message lists, etc., some asset record fields are not applicable to aparticular list context, not filled with data by the server and areignored by the client.

Navigation to user-selected content is accomplished through any one of avariety of methods on a per-asset and in some cases, per-instance basis.The selection of which method to use may be entirely at the discretionof the service provider based upon their service implementation,business needs, etc. Navigation methods available include directnavigation, indirect navigation, navigation using discrete playlists,navigation using incremental or server-based playlists, navigation usingclient-side playlists, static asset association to a playlist anddynamic asset association with a playlist.

The simplest case is direct navigation to a URL. In this case, the assetrecord source field can carry the actual URL of the selected content. Inthe process of accessing the content through issuing an HTTP GET to theURL, there can be a series of intervening 302 REDIRECT responses issuedby the URL target and these can be interpreted and followed by the IPTVclient to ultimately access a deliverable resource.

The second navigation method is indirect navigation, using a pointer tothe desired asset. For many content providers, the actual content URL isa non-static value that is dynamically changed and may be encoded withsecurity and user/usage tracking information. As a result, the URLassigned to a particular piece of content may be different for differentusers as well as for successive asset list queries made by the sameuser. Additionally, the assigned URL may expire after a relatively shortperiod and become unresolvable prior to the user navigating to theassociated content. The use of the indirect navigation method isindicated to the client by omitting the source URL value in the assetrecord.

The indirect navigation schema can be implemented by the processor 16using the content provider assigned asset ID value, contained in theasset record, as the sole persistent reference to a particular piece ofcontent. Because the desired asset has no source value, the processor 16knows that indirect navigation is to be used and issues an appropriateHTML request passing the asset ID value to the service provider. The URLthat the provider wishes to have assigned to that asset selectioninstance may be determined by the CE device 12 through the responseobtained from the content provider as a result of an appropriate HTMLrequest. In turn, an HTTP GET request can be issued by the client to thereceived URL string and the resulting A/V stream is then routed to theIPTV video player subsystem for decoding and rendering on the attachedtelevision. The form of the response can be in the form of a playlist,containing at least one entry, in order to resolve the URL associatedwith the indicated asset.

The data structures and request syntax provides flexibility for theservice provider in presenting content to the user. Content may beseparated and presented grouped under a common context referred to as acategory. Content can be alternatively accessed through the video guidein a graphical hierarchy using ‘pipe’ assets. The display order ofcontent can be user selected through service provider defined sortselections under the options menu. Service providers can determinewhich, if any, of these features to use and the extent.

The definition of categories and their naming can be determined by eachservice provider. The scope of category definition may be limited to asingle service provider, and each category definition may have two maincomponents. The first component can be the text name to be displayed onthe IPTV UI in the category list on-screen. The second component can bea category ID string, also defined by the service provider, indicatingto the provider's hosting implementation a unique action that should betaken in association with the selection of displayed category textstring by the user.

Pipe assets are a special type of navigable asset that can be includedwithin the list of returned asset records in response to an appropriaterequest. Pipe assets can have a title and associated thumbnail, just asvideo assets have. The difference is that pipe assets typically have noassociated source asset, but instead have specified category, option andlist offset variables that are provided to the IPTV client instead. TheCE device 12, in-turn, may immediately send a request to the serviceprovider with the category, option and list offset values as wereindicated in the pipe parameters in the asset record. By being able tocontrol where the video guide focus moves to through a user selection ofthe pipe asset, the service provider can create a completely iconicnavigation experience with the appearance of hierarchical categories andassets (subcategories), jump to beginning, end or any arbitrary point ina long list of assets, etc.

The definition of sorting options and the associated naming can bedetermined by each service provider. The scope of display orderdefinition can be limited to a single service provider. Each sortdefinition may have two main components, namely, a text name to bedisplayed on the UI of the CE device 12 in a ‘sort by’ list on-screenand an option ID string, also defined by the service provider thatindicates the action to be taken upon selection of an option.

Content selected by the viewer from the video guide display for playbackcan be communicated to the service provider (i.e., a content server 34)by the CE device 12 sending an HTTP GET request to the URL stringassociated in the metadata record for the desired asset. This URL stringcan be either contained directly within the asset metadata record or canbe received as a result of an intervening request to the serviceprovider when no asset URL is indicated in the asset metadata record(indirect navigation). The received A/V stream is routed to CE device 12for decoding and rendering incrementally, whenever enough data todisplay each video frame is received. Content buffering can be optimizedto reduce the selection to first video image latency.

To support the business needs of service providers, such as pre-roll,mid-roll, interstitial or post-roll advertising, the CE device 12 maysupport the concept of content linking or sequencing. The methods used,however, need not be based exclusively upon traditional client-executedplaylists. Instead, the methods may support a ‘server-based’ orincremental playlist scheme, where the entire playlist can be maintainedon the service provider's server and delivered incrementally to the CEdevice 12 in addition to the more traditional discrete playlist, wherethe entire playlist is delivered once, en masse to the client forexecution.

The delivery of playlist data may be accomplished using either of twoentirely different methods. The first method is a persistentlyassociated context semaphore contained within an asset record whereinthe asset type for items having a playlist permanently associated withthe content is defined as type ‘playlist’. This method defines that thesource URL in the asset record forms the HTTP request for a playlistcontaining the requested asset rather than an HTTP request for theactual asset.

The second method can be supported only for those content records usingan asset ID as the persistent reference to a specific piece of contenti.e. those without a source URL. This method uses an asset request inconjunction with the asset ID of the desired content. The XML structurereturned in response to the request contains a playlist with at leastone, but in some non-limiting implementations not more than, twentyentries. The playlist format in this case can be identical to that ofthe playlist obtained through the use of a context semaphore. The onlydifference between this method and the context semaphore method is thatin this second method, the service provider can choose at time of playwhether a playlist should be associated with a content selection basedupon whatever criteria it chooses.

A server-based (incremental) playlist can be realized through the sameprocesses used to deliver a discrete playlist, as described. Anincremental playlist is a playlist having one or more entries and thatthe entry is a link to another playlist. In one example implantation,only list chaining may be supported. If a link to another playlist isincluded in a playlist prior to the end of the list, execution of thelist can jump to the referenced list and any linkage to the calling listlost. At the end of executing the referenced list, control will bereturned to the video guide page, not the calling list.

In addition to supporting pre-roll, interstitial and post-rolladvertising/promotion models, the incremental form of playlist allowsthe service provider the flexibility to offer ‘channelized’ contentpresentation, wherein all content contained in a particular row orcategory of the video guide is played in sequence. Additionally, it alsosupports any form of sequencing that the service provider may desire toimplement so that once a user selects one piece of content, the playerwill continue to play other titles until stopped by the user. It is alsoconceivable that service providers may be interested in making thisfeature user configurable via the service provider-defined option menu.The selectable options defined by the service provider related to theplaylist could include continuous play toggle on/off and random, genre,popularity, chronological, artist, etc. based play order.

To provide indication of playback of a particular piece of content to aservice provider or another party that they have designated, like an adagency, etc., the capability to support event notification may beimplemented. The event notification function can be used for playbackbeacons, impression counting, advertising auditing or other processes.Event notification may consist of a list of events provided as part ofthe service provider's XML response to an appropriate request or an HTTPGET to a URL from an asset record having the type parameter set to‘playlist’. Each playlist event entry will contain a trigger point,defined as occurring when a specified amount of the content playload hasbeen received and decoded, and an associated URL to interrogate upon thetrigger criteria being met. The process of notification can be for theCE device 12 to issue an HTTP GET request to the particular URLassociated with the triggering criteria. Any data received by the CEdevice 12 in response to the request can be discarded withoutevaluation. Once an event is consumed during the playback of aparticular asset, it can be disabled from further use. Retriggeringduring the decoding session of a particular asset may not be supported.Additionally, the scope of an event may be limited to the playback ofthe content with which it was associated.

In addition to supporting playlists, attributes, defined by the serviceprovider and associated with the identified asset, can be optionallyincluded as directives to the CE device 12 during playback. Theseattributes may define a list of individual playback functions that aredisallowed by the content provider for that asset. These functions mayinclude fast forward, rewind, pause, etc. If the list is empty, then allplayback modes can be allowed to be offered to the user by the CE device12. The scope of an attribute can be limited to the playback of thecontent with which it was associated. Once playback of an asset iscompleted, all attributes may be reset. Attributes defined for one assetdo not apply to subsequent assets unless those attributes arespecifically reasserted for each asset.

Additional attributes are included to provide the option of havingtitles and other information that is displayed in association withplayback of content uniquely reflecting the actual asset currentlyplaying from the playlist. This gives service providers the ability tohave titles with each asset in a playlist if that playlist, for example,is a sequence of items available from the video guide, yet display onlya single selection-based title during a pre-roll inserted ad prior tothe actual user-selected content.

While the particular GEOGRAPHIC INTERNET ASSET FILTERING FOR INTERNETVIDEO CLIENT is herein shown and described in detail, it is to beunderstood that the subject matter which is encompassed by the presentinvention is limited only by the claims.

1. Device comprising: processor configured for controlling a display andcommunicating with the Internet through a network interface; theprocessor configured for accessing instructions on a computer readablestorage medium to configure the processor for: contacting a managementserver; providing a network address to the management server, theaddress being associated with a geographic location associated with thedevice; receiving from the management server a user token and at leastone geographically associated service list, the service list containingonly content server addresses that have been approved for access in ageographic region indicated by the address of the device, the serveraddresses being uniform resource locators (URLs); presenting the servicelist on the display; and responsive to a user selection of an entry onthe service list, accessing a content server associated with the entry,wherein as part of the accessing of a content server the processor whenexecuting the instructions is also configured for providing the usertoken such that the device receives a content list of available contentfrom the content server only responsive to the content server receivingthe user token, the processor when executing the instructions beingconfigured for checking the user token against a local database ofactive tokens, and the processor when executing the instructions isconfigured for receiving from the content server the content list at thedevice such that no further authentication is required between thedevice and content server beyond the provisioning of a valid user tokenby the device, and further wherein the device trusts the content serverwithout need for any further authentication on the part of the contentserver, the processor when accessing the instructions being configuredfor permitting no access to Internet sites using the device other thanto the management server and content servers on the service list. 2.(canceled)
 3. The device of claim 1, wherein the device is a television.4. The device of claim 1, wherein the device is a game player.
 5. Thedevice of claim 1, wherein the device is a video disk player.
 6. Thedevice of claim 1, wherein the device is a camera.
 7. The device ofclaim 1, wherein the device is a digital clock radio.
 8. The device ofclaim 1, wherein the device is a mobile telephone.
 9. The device ofclaim 1, wherein the device is a personal digital assistant. 10.Management server comprising: processor configured for communicatingwith the Internet through a network interface; the processor configuredfor accessing instructions on a computer medium to configure theprocessor for: storing plural geographic-specific service lists, eachservice list containing a list of network addresses of content serversapproved for access by CE devices in a respective geographic region,wherein a first address of a first content server for a first geographiclocation is on a first service list but not on a second service list anda second address of a second content server for a second geographiclocation is on the second service list but not the first service list;obtaining a geographic indicator from a CE device contacting themanagement server; correlating the indicator to a geographic region;returning the first service list to the CE device responsive to adetermination that the CE device is in a first geographic region andreturning the second service list to the CE device responsive to adetermination that the CE device is in a second geographic region; andproviding to the content servers on the service lists a respective usertoken for each authorized user.
 11. The management server of claim 10,wherein the content servers are affiliated with business partners of anentity associated with the management server, the business partnersproviding geographic-filtered addresses to the management server forgeneration of the first and second service lists.
 12. The managementserver of claim 10, wherein the geographic indicator is an InternetProtocol (IP) address of the CE device.
 13. The management server ofclaim 10, wherein the correlating is done by using a lookup of IPaddresses and their corresponding locations.
 14. Method comprising:receiving, from a client audio-video presentation device to a managementserver, an identification indicating a geographic location of thedevice; responsive to a determination that the device is in a firstgeographic location, returning, from the management server to thedevice, a first list of content servers at which the device may accesscontent along with a user token required to be presented by theaudio-video presentation device to a content server to access contenttherefrom; and responsive to a determination that the device is in asecond geographic location, returning, from the management server to thedevice, a second list of content servers at which the device may accesscontent.
 15. The method of claim 14, wherein the device is not able toaccess Internet servers not on the lists other than the managementserver, the first list being different from the second list in at leastone respect.
 16. The method of claim 14, wherein no billing oraccounting information is required of the device to access content onany of the content servers.
 17. The method of claim 14, wherein thecontent servers are affiliated with business partners of an entityassociated with the management server, the method comprising receivedfrom the business partners geographic-filtered addresses for generationof the first and second service lists.
 18. The method of claim 14,wherein the identifier is an Internet Protocol (IP) address of thedevice.
 19. The method of claim 14, wherein comprising correlating theidentification to a geographic region by using a lookup ofidentifications and their corresponding locations.